PT-2025-43552 · Frontier Airlines · Frontier Airlines Website
Yuriy Kuzma
·
Published
2025-10-23
·
Updated
2025-12-31
·
CVE-2025-62236
CVSS v3.1
5.3
Medium
| Vector | AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N |
Name of the Vulnerable Software and Affected Versions
Frontier Airlines website (affected versions not specified)
Description
The Frontier Airlines website has a publicly available endpoint that allows validation of whether an email address is associated with an account. An unauthenticated, remote attacker could determine valid email addresses, potentially aiding in further attacks. The vulnerable API endpoint is used for email address validation.
Recommendations
At the moment, there is no information about a newer version that contains a fix for this vulnerability.
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Frontier Airlines Website